[libssh server fingerprints] An analysis of Censys Public Scan 20180807 (only port 22) to estimate the number of servers {potentially} vulnerable to the recent Libssh bug #libssh #hassh

Libssh authentication bypass vulnerability (CVE-2018-10933)

An analysis of Censys Public Scan 20180807 (only port 22) to estimate the number of servers {potentially} vulnerable to the recent Libssh bug.

The most common hasshServer values for each libssh version:

| hasshServer | Server Identification String | Count |
| --- | --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.3 | 321 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2 | 51 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.3 | 8 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.7.1 | 6 |

hasshServer values of all observed libssh versions:

| hasshServer | Server Identification String | Count |
| --- | --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 | 442 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-libssh_0.7.0 | 131 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh-0.7.0 | 98 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 | 74 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3 | 59 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 | 37 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh_0.7.0 | 33 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.6.0 | 28 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1 | 15 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 | 8 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 | 6 |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-libssh_0.7.5 | 5 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 | 3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 | 2 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 | 1 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 | 1 |

Unique libssh hasshServers (not common with any other ssh servers):

| hasshServer | Server Identification String |
| --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh_0.7.0 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.5.2, SSH-2.0-libssh-0.5.5, SSH-2.0-libssh-0.6.0 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh-0.7.0 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 |
| f1ac99f2fbd8ecf3252d3dc9eb436e82 | SSH-2.0-libssh-0.7.3 |

libssh hasshServer values common with other ssh servers:

| hasshServer | Server Identification String |
| --- | --- |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-Gitee.com, SSH-2.0-HomeSSH-v1.1, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, SSH-2.0-RESTRICTED, SSH-2.0-WingFTPServer, SSH-2.0-dropbear, SSH-2.0-elastic-sshd, SSH-2.0-libssh, SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3, SSH-2.0-sftpwrapper |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-OpenSSH_6.8, SSH-2.0-libssh_0.7.0 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-1.0.0(NET9), SSH-2.0-OpenSSH, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.2_hpn13v11, SSH-2.0-OpenSSH_6.6.1, SSH-2.0-SSH-2.0-dropbear_2012.55, SSH-2.0-elastic-sshd, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.5, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1, SSH-2.0-sftpwrapper |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-WingFTPServer, SSH-2.0-libssh_0.7.5 |
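
The split between the last two tables, as an added example that is not part of the original gist: group scan records by hasshServer, then separate fingerprints seen only behind libssh banners from those also seen behind other servers. The records and the `hassh-A` style values are constructed placeholders, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample records: (hasshServer, server identification string).
# "hassh-A" etc. are placeholders, not fingerprints from the tables above.
RECORDS = [
    ("hassh-A", "SSH-2.0-libssh-0.6.0"),
    ("hassh-A", "SSH-2.0-libssh-0.6.0"),
    ("hassh-A", "SSH-2.0-libssh-0.6.3"),
    ("hassh-B", "SSH-2.0-libssh_0.7.0"),
    ("hassh-B", "SSH-2.0-OpenSSH_6.8"),
    ("hassh-C", "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2"),
]

def is_libssh(banner):
    # Matches "libssh-0.6.0", "libssh_0.7.0" and a bare "libssh" banner.
    return banner.startswith("SSH-2.0-libssh")

def summarize(records):
    """Return (unique, shared): hasshServer -> (sorted banners, libssh host count)."""
    banners, libssh_hosts = defaultdict(set), defaultdict(int)
    for hassh, banner in records:
        banners[hassh].add(banner)
        libssh_hosts[hassh] += is_libssh(banner)
    unique, shared = {}, {}
    for hassh, seen in banners.items():
        if not libssh_hosts[hassh]:
            continue  # never observed with a libssh banner
        bucket = unique if all(is_libssh(b) for b in seen) else shared
        bucket[hassh] = (sorted(seen), libssh_hosts[hassh])
    return unique, shared

def classify(hassh, banner, unique, shared):
    """Triage one host from your own inventory scan."""
    if is_libssh(banner):
        return "libssh (banner)"
    if hassh in unique:
        return "likely libssh (banner changed)"
    if hassh in shared:
        return "ambiguous (fingerprint shared with other servers)"
    return "no libssh match"

if __name__ == "__main__":
    unique, shared = summarize(RECORDS)
    for name, table in (("unique", unique), ("shared", shared)):
        for hassh, (seen, count) in table.items():
            print(name, hassh, ", ".join(seen), count)
```

A fingerprint in the shared set cannot identify libssh on its own, so hosts that match only on a shared hasshServer need a second signal before they are counted.
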

@blacknbunny commented Oct 19, 2018

Nice information, I share it on my post.
